Browse Source

doc: document the rsa_oaep_md: pkeyopt

This was missing but essential for using non-SHA1 digests with OAEP.

Fixes #15998

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16410)
master^2
Pauli 2 months ago
parent
commit
a291cfdfde
1 changed files with 10 additions and 0 deletions
  1. +10
    -0
      doc/man1/openssl-pkeyutl.pod.in

+ 10
- 0
doc/man1/openssl-pkeyutl.pod.in View File

@ -262,6 +262,11 @@ B<PSS> block structure.
For PSS and OAEP padding sets the MGF1 digest. If the MGF1 digest is not
explicitly set in PSS mode then the signing digest is used.
=item B<rsa_oaep_md:>I<digest>
Sets the digest used for the OAEP hash function. If not explicitly set then
SHA1 is used.
=back
=head1 RSA-PSS ALGORITHM
@ -391,6 +396,11 @@ Verify some data using an L<SM2(7)> certificate and a specific ID:
openssl pkeyutl -verify -certin -in file -inkey sm2.cert -sigfile sig \
-rawin -digest sm3 -pkeyopt distid:someid
Decrypt some data using a private key with OAEP padding using SHA256:
openssl pkeyutl -decrypt -in file -inkey key.pem -out secret \
-pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256
=head1 SEE ALSO
L<openssl(1)>,


Loading…
Cancel
Save